Systems and methods for automated threat modeling when deploying infrastructure as a code
Abstract
Systems and methods of generating a threat model from a code file are defined. The system includes one or more data stores communicatively coupled with a processor, and storing information on a plurality of properties to be configured for one or more resources included in the code file and a plurality of security threats associated with one or more values of the plurality of properties. The system analyzes the code file to identify one or more properties associated with the one or more resources included in the code file. For each property, a value for the property defined in the code file is identified, one or more security threats are determined based on the identified value for the property, using the information stored in the data stores. The system generates a threat model for the one or more resources based on the determined one or more security threats.
Claims
exact text as granted — not AI-modifiedThe invention claimed is:
1. A processor-executed method of generating a threat model from a code file, comprising:
providing one or more first data stores communicatively coupled with the processor, the one or more first data stores storing information on:
a plurality of properties to be configured for one or more resources included in the code file; and
a plurality of security threats associated with one or more values of the plurality of properties;
analyzing the code file to identify one or more properties, of the plurality of properties, associated with the one or more resources included in the code file;
for each property of the identified one or more properties:
identifying a value for the property defined in the code file; and
determining one or more security threats based on the identified value for the property, using the information stored in the one or more first data stores; and
generating a threat model for the one or more resources based on the determined one or more security threats.
2. The method according to claim 1 , further comprising:
displaying the threat model on a user interface, the displayed threat model including links between the one or more resources and a listing of the one or more security threats.
3. The method according to claim 1 , further comprising:
identifying one or more dubious properties that generated each security threat of the one or more security threats; and
identifying, using the information stored in the one or more first data stores, a modified value for each of the identified one or more dubious properties that generated each security threat to mitigate the one or more security threats.
4. The method according to claim 3 , further comprising:
changing the value of the identified one or more dubious properties that generated each security threat to the modified value to generate a modified code file having mitigated security threats.
5. The method according to claim 3 , further comprising:
displaying, on a user interface, an indication of the one or more dubious properties that generated each security threat of the one or more security threats.
6. The method according to claim 5 , further comprising:
displaying, on the user interface, an indication of the modified value of the one or more dubious properties that generated each security threat of the one or more security threats.
7. The method according to claim 1 , wherein generating the threat model further comprises:
providing one or more second data stores communicatively coupled with the processor, the one or more second data stores storing information on:
a plurality of threat model components; and
a plurality of threats, wherein each threat of the plurality of threats is associated with at least one of the components of the plurality of threat model components;
generating a mapping of the one or more resources included in the code file to one or more components of the plurality of threat model components; and
generating the threat model based on the generated mapping and the information stored in the one or more second data stores.
8. The method according to claim 7 ,
wherein the one or more second data stores further store information on:
a plurality of security requirements, including storing an indication of whether each security requirement of the plurality of security requirements is a compensating control; and
an association between each compensating control and at least one of the plurality of threats stored in the one or more second data stores, and
wherein the method further comprises identifying one or more compensating controls associated with the determined one or more security threats.
9. The method according to claim 8 , further comprising adding the identified one or more compensating controls associated with the determined one or more security threats to the code file to generate a modified code file having mitigated security threats.
10. The method according to claim 8 , further comprising displaying, on a user interface, an indication of the identified one or more compensating controls associated with the determined one or more security threats.
11. A processor-executed method of generating a threat model from a code file, comprising:
providing one or more data stores communicatively coupled with the processor, the one or more data stores storing information on:
a plurality of properties to be configured for one or more resources included in the code file; and
a plurality of security threats associated with one or more values of the plurality of properties;
analyzing the code file to identify one or more properties, of the plurality of properties, associated with the one or more resources included in the code file;
for each property of the identified one or more properties:
identifying a value for the property defined in the code file; and
determining one or more security threats based on the identified value for the property, using the information stored in the one or more data stores;
identifying one or more dubious properties that generated each security threat of the one or more security threats; and
displaying, on a user interface, an indication of the one or more dubious properties that generated each security threat of the one or more security threats.
12. The method according to claim 11 , further comprising identifying, using the information stored in the one or more data stores, a modified value for each of the identified one or more dubious properties that generated each security threat to mitigate the one or more security threats.
13. The method according to claim 12 , further comprising changing the value of the identified one or more dubious properties that generated each security threat to the modified value to mitigate the one or more security threats.
14. The method according to claim 12 , further comprising displaying, on the user interface, an indication of the modified value of the one or more dubious properties that generated each security threat of the one or more security threats.
15. The method according to claim 11 , further comprising identifying, based on the determined one or more security threats, one or more security properties or one or more compensating controls that mitigate the determined one or more security threats,
wherein the one or more compensating controls include a property to be defined for another resource referenced in the one or more properties associated with the one or more resources included in the code file.
16. A system that generates a threat model from a code file, comprising:
one or more first data stores configured to store information on:
a plurality of properties to be configured for one or more resources included in the code file; and
a plurality of security threats associated with one or more values of the plurality of properties;
one or more memories configured to store instructions; and
one or more computing devices communicatively connected to the one or more first data stores and the one or more memories and configured to execute the stored instructions to:
analyze the code file to identify one or more properties, of the plurality of properties, associated with the one or more resources included in the code file;
for each property of the identified one or more properties:
identify a value for the property defined in the code file; and
determine one or more security threats based on the identified value for the property, using the information stored in the one or more first data stores; and
generate a threat model for the one or more resources based on the determined one or more security threats.
17. The system according to claim 16 , further including a user interface,
wherein the one or more computing devices further execute the stored instructions to display the threat model on the user interface, the displayed threat model including links between the one or more resources and a listing of the one or more security threats.
18. The system according to claim 16 , wherein the one or more computing devices further execute the stored instructions to:
identify one or more dubious properties that generated each security threat of the one or more security threats; and
identify, using the information stored in the one or more data stores, a modified value for each of the identified one or more dubious properties that generated each security threat to mitigate the one or more security threats.
19. The system according to claim 18 , wherein the one or more computing devices further execute the stored instructions to:
change the value of the identified one or more dubious properties that generated each security threat to the modified value to generate a modified code file having mitigated security threats.
20. The system according to claim 18 , wherein the one or more computing devices further execute the stored instructions to:
display, on a user interface, an indication of the one or more dubious properties that generated each security threat of the one or more security threats.
21. The system according to claim 20 , wherein the one or more computing devices further execute the stored instructions to:
display, on the user interface, an indication of the modified value of the one or more dubious properties that generated each security threat of the one or more security threats.
22. The system according to claim 16 , further including one or more second data stores communicatively coupled with the one or more computing devices, the one or more second data stores configured to store information on:
a plurality of threat model components; and
a plurality of threats, wherein each threat of the plurality of threats is associated with at least one of the components of the plurality of threat model components,
wherein the one or more computing devices further execute the stored instructions to:
generate a mapping of the one or more resources included in the code file to one or more components of the plurality of threat model components; and
generate the threat model based on the generated mapping and the information stored in the one or more second data stores.
23. The system according to claim 22 ,
wherein the one or more second data stores are further configured to store information on:
a plurality of security requirements, including an indication of whether each security requirement of the plurality of security requirements is a compensating control; and
an association between each compensating control and at least one of the plurality of threats stored in the one or more second data stores, and
wherein the one or more computing devices further execute the stored instructions to identify one or more compensating controls associated with the determined one or more security threats.
24. The system according to claim 23 , wherein the one or more computing devices further execute the stored instructions to add the identified one or more compensating controls associated with the determined one or more security threats to the code file to generate a modified code file having mitigated security threats.
25. The system according to claim 23 , further including a user interface,
wherein the one or more computing devices further execute the stored instructions to display, on the user interface, an indication of the identified one or more compensating controls associated with the determined one or more security threats.
26. A system that generates a threat model from a code file, comprising:
a user interface;
one or more data stores configured to store information on:
a plurality of properties to be configured for one or more resources included in the code file; and
a plurality of security threats associated with one or more values of the plurality of properties;
one or more memories configured to store instructions; and
one or more computing devices communicatively connected to the one or more data stores and the one or more memories and configured to execute the stored instructions to:
analyze the code file to identify one or more properties, of the plurality of properties, associated with the one or more resources included in the code file;
for each property of the identified one or more properties:
identify a value for the property defined in the code file; and
determine one or more security threats based on the identified value for the property, using the information stored in the one or more data stores;
identify one or more dubious properties that generated each security threat of the one or more security threats; and
display, on the user interface, an indication of the one or more dubious properties that generated each security threat of the one or more security threats.
27. The system according to claim 26 , wherein the one or more computing devices further execute the stored instructions to identify, using the information stored in the one or more data stores, a modified value for each of the identified one or more dubious properties that generated each security threat to mitigate the one or more security threats.
28. The system according to claim 27 , wherein the one or more computing devices further execute the stored instructions to change the value of the identified one or more dubious properties that generated each security threat to the modified value to mitigate the one or more security threats.
29. The system according to claim 27 , wherein the one or more computing devices further execute the stored instructions to display, on the user interface, an indication of the modified value of the one or more dubious properties that generated each security threat of the one or more security threats.
30. The system according to claim 26 ,
wherein the one or more computing devices further execute the stored instructions to identify, based on the determined one or more security threats, one or more security properties or one or more compensating controls that mitigate the determined one or more security threats, and
wherein the one or more compensating controls include a property to be defined for another resource referenced in the one or more properties associated with the one or more resources included in the code file.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.